Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts


Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique, dubbed ConsentFix, steals Microsoft 365 accounts without installing malware.

Researchers have discovered a ClickFix-style attack running as a sponsored advertisement on X. The ad was posted from a verified account, adding an extra layer of credibility to the scam.

ClickFix campaigns use convincing lures—historically fake “human verification” screens, and now a fake download for DynamicLake, a legitimate macOS utility that turns your MacBook’s notch into an unofficial but functional version of Apple’s Dynamic Island. This type of attack requires the user to paste a command from the clipboard, making it depend heavily on user interaction.

Read more…
Source:  MalwareBytes Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Defenders beware: A case for post-ransomware investigations

    October 18, 2022

    Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase. In this blog, DART researchers detail a recent ransomware incident in which the attacker used a ...

  • The benefits of taking an intent-based approach to detecting Business Email Compromise 

    October 18, 2022

    Business email compromise (BEC) is one of the most financially damaging online crimes. As per the internet crime 221 report, the total loss in 2021 due to BEC is around 2.4 billion dollars. Since 2013, BEC has resulted in a 43 billion dollars loss. The report defines BEC as a scam targeting businesses (not individuals) ...

  • Linux dodges serious Wi-Fi security exploits

    October 17, 2022

    You may recall that Linus Torvalds recently added support for Rust in the Linux kernel. One of the big reasons for adding Rust was to put an end to Linux code memory problems. It can’t come soon enough. Recently, five serious Linux Wi-Fi security holes were uncovered. What did they all have in common? Go ahead, guess? ...

  • Malware dev claims to sell new BlackLotus Windows UEFI bootkit

    October 17, 2022

    A threat actor is selling on hacking forums what they claim to be a new UEFI bootkit named BlackLotus, a malicious tool with capabilities usually linked to state-backed threat groups. UEFI bootkits are planted in the system firmware and are invisible to security software running within the operating system because the malware loads in the initial ...

  • Phishing works so well crims won’t bother with deepfakes, says Sophos chap

    October 17, 2022

    Panic over the risk of deepfake scams is completely overblown, according to a senior security adviser for UK-based infosec company Sophos. “The thing with deepfakes is that we aren’t seeing a lot of it,” Sophos researcher John Shier told El Reg last week. Shier said current deepfakes – AI generated videos that mimic humans – aren’t the ...

  • MyDeal data breach impacts 2.2M users, stolen data for sale online

    October 17, 2022

    Woolworths’ MyDeal subsidiary has disclosed a data breach affecting 2.2 million customers, with the hacker trying to sell the stolen data on a hacker forum. MyDeal is an Australian retail marketplace that connects online shoppers with local retailers. Retail giant Woolworths purchased 80% of the company in September but said their systems are on a completely different ...